package com.qf.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class TestController {

    @GetMapping("/test1")
//    @PreAuthorize(value = "hasRole('ROLE_ADMIN')")
    // 角色和权限都可以使用hasAuthority
    @PreAuthorize("hasAuthority('PERMISSION_READ') and hasRole('ROLE_ADMIN')")
//    @PreAuthorize("hasPermission()") 需要 acl
    public String test1(){
        return "test1";
    }


    @RequestMapping("/abc")
    public String abc(){
        System.out.println("abc");
        return "abc";
    }
}
